author | ymh <ymh.work@gmail.com> |
Mon, 14 Oct 2019 17:39:30 +0200 | |
changeset 7 | cf61fcea0001 |
parent 5 | 5e2f62d02dcd |
child 9 | 177826044cd9 |
permissions | -rw-r--r-- |
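/* global zxcvbn */
window.wp = window.wp || {};

var passwordStrength;

(function( $ ) {
    wp.passwordStrength = {
        /**
         * Determine the strength of a given password.
         *
         * This runs in the browser, so the value it returns is UI feedback only.
         * NOTE(review): nothing in this file enforces a minimum strength or the
         * password/confirmation match; both have to be re-checked wherever the
         * password is actually accepted.
         *
         * @param {string}       password1 The password.
         * @param {Array|string} blacklist Words that will lower the entropy of the
         *                                 password. A non-array value is wrapped into
         *                                 a one-element array; null/undefined is
         *                                 treated as an empty list.
         * @param {string}       password2 The confirmed password.
         * @return {number} 5 when a non-empty confirmation differs from password1,
         *                  -1 when window.zxcvbn is not defined (strength unknown),
         *                  otherwise the `score` property of zxcvbn's result.
         */
        meter : function( password1, blacklist, password2 ) {
            var userInputs, result;

            if ( $.isArray( blacklist ) ) {
                userInputs = blacklist;
            } else if ( null === blacklist || 'undefined' === typeof blacklist ) {
                // Previously this path threw a TypeError on blacklist.toString().
                userInputs = [];
            } else {
                userInputs = [ blacklist.toString() ];
            }

            // Loose comparison kept on purpose so callers passing non-string
            // values see the same result as before.
            if ( password1 != password2 && password2 && password2.length > 0 ) {
                return 5;
            }

            if ( 'undefined' === typeof window.zxcvbn ) {
                // Password strength unknown. Callers should treat -1 as "no
                // estimate available", not as a weak or an acceptable password.
                return -1;
            }

            result = zxcvbn( password1, userInputs );
            return result.score;
        },

        /**
         * Builds an array of data that should be penalized, because it would
         * lower the entropy of a password if it were used.
         *
         * Sources are document.title, document.URL, and both the default and the
         * current value of each form field listed in userInputFields that exists
         * on the page.
         *
         * @return {Array} The array of data to be blacklisted.
         */
        userInputBlacklist : function() {
            var i, userInputFieldsLength, rawValuesLength, currentField,
                rawValues = [],
                blacklist = [],
                userInputFields = [ 'user_login', 'first_name', 'last_name', 'nickname', 'display_name', 'email', 'url', 'description', 'weblog_title', 'admin_email' ];

            // Collect all the strings we want to blacklist
            rawValues.push( document.title );
            rawValues.push( document.URL );

            userInputFieldsLength = userInputFields.length;
            for ( i = 0; i < userInputFieldsLength; i++ ) {
                currentField = $( '#' + userInputFields[ i ] );

                if ( 0 === currentField.length ) {
                    continue;
                }

                rawValues.push( currentField[0].defaultValue );
                rawValues.push( currentField.val() );
            }

            // Strip out non-alphanumeric characters and convert each word to an individual entry.
            // NOTE(review): \W here matches everything outside [A-Za-z0-9_], so
            // non-ASCII letters also become separators (constructed example:
            // "Zoë" yields "Zo"). Values written in non-Latin scripts therefore
            // add few or no entries and are not penalized by this list.
            rawValuesLength = rawValues.length;
            for ( i = 0; i < rawValuesLength; i++ ) {
                if ( rawValues[ i ] ) {
                    blacklist = blacklist.concat( rawValues[ i ].replace( /\W/g, ' ' ).split( ' ' ) );
                }
            }

            // Remove empty values, short words, and duplicates. Short words are likely to cause many false positives.
            // Inside the callback `blacklist` is still the unfiltered array, so
            // comparing the first index of a value with its own index keeps only
            // the first occurrence.
            blacklist = $.grep( blacklist, function( value, key ) {
                if ( '' === value || 4 > value.length ) {
                    return false;
                }

                return $.inArray( value, blacklist ) === key;
            });

            return blacklist;
        }
    };

    // Back-compat.
    passwordStrength = wp.passwordStrength.meter;
})(jQuery);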